possible dns attacks

Wednesday February 9 12:22 PM ET
Two More Brokers Apparent Victims of Hackers
NEW YORK (Reuters) - Online brokers E*Trade Group Inc. (NasdaqNM:EGRP - news) and Datek Online Holdings Corp. on Wednesday became the latest apparent victims of computer hackers who have wreaked havoc across the Internet this week.

E*Trade, the No. 2 U.S. online broker, and Datek, the fourth-largest, said that some of their customers were unable to log on to their respective sites after the routers the brokers used were overwhelmed by traffic.

It was the third day in a row that computer hackers appeared to have caused trouble on the Internet after attacking some of the most popular sites such as Yahoo! and Buy.com Inc. (NasdaqNM:BUYX - news) earlier this week.

``Access to the site was essentially clogged up,'' E*Trade spokesman Patrick DiChiro told Reuters, adding that less than 20 percent of the customers were unable to log on. E*Trade said its site had problems for more than an hour beginning at about 8 a.m. EST while Datek's problems lasted from 9:30 a.m. to 10:05 a.m. EST.

``It seems to be related to the 'denial of service' attack,'' Chief Technological Officer Peter Stern told Reuters, referring to the attacks on Yahoo! on Monday. ``I don't know if they were hackers, but I find it highly unlikely that someone just pulled the plug (on one of the routers).''

Routers direct traffic over telecommunications networks.

E*Trade and Datek said most of their customers had not had trouble logging on and those who did were rerouted.

``The site was never down, our site security was never compromised (and) customer accounts were never compromised,'' said E*Trade's DiChiro.

Meanwhile, Charles Schwab & Co. Inc. (NYSE:SCH - news), the No. 1 U.S. online broker, and Ameritrade Holding Corp. (NasdaqNM:AMTD - news) said they had not had any trouble so far.

Officials at TD Waterhouse Group Inc. (NYSE:TWE - news), which apparently uses the same troubled router as Datek, could not be reached for comment.

Answers

---u-h-h-h-, is anyone really sure that these "router" problems
are really suffering malicious attacks? wasn't it reported here and
elsewhere that those cisco routers had some serious y2k probs? could
this be the reason, and now it's finally starting to manifest itself in
these ways? Only asking, because of that stupid Y2K 90 day "you get to
lie legally" free ride law that was passed. Besides that, have zero
idea. Like has been stated, hakkers usually claim credit, like "this
site hakked by 'tHe acNe LibErAtIoN fRont To fReE kEviN'" or some such
nonsense.

--Michael, that thread was like a month ago. what I remember is that
Cisco (it was reported) had "patches" on their website, as in
emergency, right before and after rollover. I don't bookmark individual
threads, I'd go nutz! and ok, before any trolls grab it, "it's a short
drive"!hahahah!

LOL zog- Some would say that I've already been around that block a
couple of times. Thanks for the reply anyway. This came via linkage
by way of the flight 261 story and the motor used in the control of
the stabilizer, I think. Guess it's time to take my Zinc. (;^}`

Just a thought. But could this be a TROJAN horse or other virus type put into these sites during the remediation of their systems in prep. for y2k?
I know there was a lot of warning about the possibility of even terrorists planting these types into systems while they were supposedly `fixing` it for y2k. anyone?

My son - a computer nut - says he thinks the downtimes which
Yahoo.com and others are having are caused by hacker/kids who are
having competitions to see who can get in first. Don't know if this
sounds feasible.

No, I think it's real. DoS attacks are technically EASY to implement.
A couple of fast PCs on a fat wire could effectively shut down any of
these sites for a short time. The tricky part is staying ahead of the
site administrators. Once they see lots of traffic from an attacking
IP address they'll block it so the hacker has to move to a different
IP address to continue the attack.

From what I heard on the news the hackers are addressing this by using
security breaches in the systems of third parties to launch their
attacks. That is, they hack into Company A, and use its computers to
attack. Once the IP address of Company A is blocked they move onto
Company B, and so on.

This serves two purposes; it allows them to sustain the attack and
also effectively blocks any attempts to find out who the attackers
really are. To make matters worse many of the attacks seem to be
coming from the computers of companies located overseas. The hackers
themselves, of course, could be anywhere...
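
The per-address blocking and the move to relayed third-party sources described in the post above, seen from the site administrator's side. This is an added example, not part of the original thread; the function names, thresholds and traffic events are constructed for illustration.

```python
from collections import defaultdict, deque

def make_events():
    """Constructed sample traffic: (second, source IP), documentation-range addresses."""
    events = []
    for t in range(10):                      # phase 1: one loud source, two normal clients
        events += [(t, "192.0.2.10")] * 50
        events += [(t, "198.51.100.1"), (t, "198.51.100.2")]
    for t in range(10, 20):                  # phase 2: 100 relayed sources, 3 requests/s each
        for i in range(100):
            events += [(t, f"203.0.113.{i}")] * 3
    return events

def analyze(events, window=5, per_ip_limit=100, total_limit=1000):
    """Sliding-window counter; the thresholds are illustrative assumptions.
    Returns ({blocked_ip: second_blocked}, [seconds with an aggregate alert])."""
    recent = deque()                 # accepted events still inside the window
    per_ip = defaultdict(int)        # accepted events per source inside the window
    blocked, alerts = {}, []
    for ts, ip in events:
        if ip in blocked:
            continue                 # already filtered, as the post describes
        recent.append((ts, ip))
        per_ip[ip] += 1
        while recent[0][0] <= ts - window:   # expire events older than the window
            _, old_ip = recent.popleft()
            per_ip[old_ip] -= 1
        if per_ip[ip] > per_ip_limit:
            blocked[ip] = ts         # single-source rule: block the address
        if len(recent) > total_limit and (not alerts or alerts[-1] != ts):
            alerts.append(ts)        # aggregate rule: total load is abnormal
    return blocked, alerts

if __name__ == "__main__":
    blocked, alerts = analyze(make_events())
    print("blocked sources:", blocked)
    print("aggregate alerts at seconds:", alerts)
```

The single loud source is blocked within seconds, while the relayed sources each stay far below the per-address limit and are only noticed by the aggregate check, which is why per-address blocking alone does not end this kind of attack.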

--thanks, tech 32, this thing has been a tossup so far in my mind, but
now I'm leaning towards the hack attack. next question, why no claims,
and would they purposefully go to an offshore puter if there really was
no way to trace after the initial port jacking? Well, another, seems
like they could make several jumps before the attack as well.

Why no claims? Because the only people they have to impress are other
members of the hacker community. You can bet THEY know who's doing
this. Why go overseas? Their infrastructure/security procedures tend
to be weaker than in the US. Then there are the thorny legal issues
of trying to coordinate efforts with foreign law enforcement agencies
and companies to try and trace back the hacks.

You know, it's entirely possible that the program they used to do the
attacking was placed on the companies' computers weeks ago and only
launched when someone made a single connection to 'turn it on'.
It's also possible that they had the program running all the time in
the background, having it periodically check some OTHER web site to
see if it should turn itself on and where it should attack. Heck,
these guys could be at a local McDonalds giggling over chocolate
shakes while the folks at the site under attack are tearing their hair
out. Suffice it to say there are lots and lots of ways for them to
cover their tracks.

I know it's hard to believe but stuff like this is a breeze to write
if you have any type of real web programming experience (we're not
talking HTML here). DoS attacks are especially easy since you don't
need any interaction with the target site. It's like someone having a
whole bunch of really fast auto-dialers and using them to call your
phone non-stop. All they have to do is dial, hang-up, and dial again
over and over and over. No one would ever be able to get through to
you.

There is no question that in coming years these attacks are going to
increase in both frequency and intensity. We'd better get used
to it, folks...